Click here to go back to frontpage

Data protection & legal matters

Privacy Statement
Information-Duties-accordance-with-Article-14-of-the-GDPR_2024
Auftragsverarbeitungvertrag
House rules and guidelines
Hausordnung
Garderobenordnung
Parkhausordnung
Technische Richtlinien
General Terms and Conditions
Allgemeine Vertragsbedingungen Technik
Allgemeine Einkaufsbestimmungen

Privacy Policy

We, m:con – mannheim:congress GmbH, Rosengartenplatz 2, 68161 Mannheim, represented by the Managing Director Bastian Fiedler, info@mcon-mannheim.de, see also our Masthead, are a company, which is among others specialised in the planning, the organisation and execution of events of all kinds, in particular of congresses (of a medical-scientific kind), (scientific) conferences, General Meetings, trade fairs, exhibitions, seminars, further training events as well as other commercial events. The events are carried out in the Congress Center Rosengarten Mannheim or other venues by ourselves or supervised as a service provider for another organiser. Having given this initial introduction we would like to satisfy our information obligations pursuant to Art. 13 and Art. 14 GDPR.

§ 1 CON­TACT DATA OF THE DATA CON­TROL­LER & OF THE DATA PRO­TEC­TION OF­FI­CERS

The data controller pursuant to Art. 4 Para. 7 EU General Data Protection Regulation (GDPR) is m:con – mannheim:congress GmbH, Rosengartenplatz 2, 68161 Mannheim, represented by the Managing Director Bastian Fiedler, info@mcon-mannheim.de, see also our Masthead. You can contact our data protection officer under datenschutz@mcon-mannheim.de or our postal address with the supplement “the data protection officer”.

§ 2 IN­FOR­MA­TI­ON ABOUT THE COLLEC­TION OF PER­SO­NAL DATA

(1) We will inform you below about the collection of personal data when using our website. Personal data are all data, which refer to you personally, e.g. name, address, email addresses, user behaviour (hereinafter referred to as “personal data” or only “data”).

(2) If you contact us by email or via a contact form the personal data communicated by you (your email address, if applicable your name and your telephone number) will be stored by us in order to answer your questions or to process your concern. We will erase the personal data produced in this connection with your contact request after the storage is no longer necessary or we will limit the processing, if statutory storage obligations exist. The legal basis is Art. 6 Para. 1 S. 1 lit. a, f GDPR. If your contact aims at the conclusion of a contract with us then the legal basis for the processing is Art. 6 Para. 1 S. 1 lit. b GDPR. 

(3) If we resort to commissioned service providers for individual functions of our website or would like to use your personal data for advertising purposes we will inform you about the respective activities in detail below. 

(4) This privacy policy applies only to this website. It does not apply to other websites to which we merely refer via a hyperlink. We cannot accept any responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please refer directly to these websites for information on how these companies handle your personal data.

§ 3 DEPLOYMENT ANS USE OF THE WEBSITE

(1) 

(1) If you use this website without transmitting data to us in any other way, e.g. by registering or using the contact form, we collect technically necessary data via server log files, which are automatically transmitted to our server, these are:

  • IP address
  • Date and time of the request
  • Name and URL of the retrieved file
  • Website from which the access was made
  • Access status/http status code
  • Browser type
  • Language and version of the browser software
  • Operating system

(2) This processing is technically necessary in order to display our website to you. We also use the data to ensure the security and stability of our website. The legal basis for this processing is Art. 6(1)(f) GDPR. The processing of the aforementioned data thus serves to safeguard a legitimate interest of our company.

(3) As soon as the aforementioned personal data is no longer required to display the website, it will be deleted. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object to this aspect. Further storage may take place in individual cases if this is required by law.

§ 4 COLLECTION OF DATA DURING A VISIT BY COOKIES

(1) Type, scope and purpose of data processing

We use cookies. Cookies are small files that are sent by us to the browser of your end device and stored there when you visit our website.

Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, on the other hand, enable us to perform various analyses. For example, some cookies can recognise the browser you are using when you visit our website again and transmit various information to us. We use cookies to facilitate and improve the use of our website. Among other things, cookies enable us to make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. However, cookies do not cause any damage to your end device. They cannot execute programmes or contain viruses. Various types of cookies are used on our website, the type and function of which are explained below.

Temporary cookies/session cookies

Our website uses so-called temporary cookies or session cookies, which are automatically deleted as soon as you close your browser. This type of cookie makes it possible to record your session ID. As a result, various requests from your browser can be assigned to a common session and it is possible to recognise your end device on subsequent website visits.

Permanent cookies

So-called permanent cookies are used on our website. Persistent cookies are cookies that are stored in your browser for a longer period of time and can transmit information. The respective storage period differs depending on the cookie. You can delete permanent cookies yourself in your browser settings.

Third-party cookies

We use analytical cookies to monitor anonymised user behaviour on our website.

We also use advertising cookies. These cookies can be used to track user behaviour for advertising and targeted marketing purposes.

Social media cookies make it possible to establish a connection to your social networks and share content from our website within your networks.

Configuration of the browser settings

Most web browsers are preset to accept cookies automatically. However, you can configure your browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may then no longer be able to use all the functions of our website. You can also use your browser settings to delete cookies already stored in your browser. It is also possible to set your browser to notify you before cookies are stored. As the various browsers may differ in their respective functionalities, we ask you to use the respective help menu of your browser for the corresponding configuration options.

Deactivating the use of cookies may require the storage of a permanent cookie on your computer. If you subsequently delete this cookie, you will have to deactivate it again.

(2) Legal basis
Due to the purposes of use described, the legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f) GDPR. If you have given us your consent to the use of cookies on the basis of a notice (“cookie banner”) provided by us on the website, the legal basis is additionally Art. 6 para. 1 lit. a) GDPR.

(3) Storage period
As soon as the data transmitted to us via cookies is no longer required for the purposes described above, this information will be deleted. Further storage may take place in individual cases if this is required by law.

§ 5 Data collection for the implementation of pre-contractual measures and for contract fulfilment

(1) Type and scope of data processing
We collect personal data about you in the pre-contractual area and upon conclusion of the contract. This concerns, for example, first and last name, address, e-mail address, telephone number or bank details.

(2) Purpose and legal basis of data processing
We collect and process this data exclusively for the purpose of executing the contract or fulfilling pre-contractual obligations. The legal basis for this is Art. 6 para. 1 lit. b) GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a) GDPR.

(3) Storage period
The data will be deleted as soon as it is no longer required for the purpose of its processing. In addition, there may be statutory retention obligations, for example commercial or tax retention obligations under the German Commercial Code (HGB) or the German Fiscal Code (AO). If such retention obligations exist, we will block or delete your data at the end of these retention obligations.

§ 6 DATA TRANSMISSION 

We only pass on your personal data to third parties if:

(1) You have given your express consent to this in accordance with Art. 6 para. 1 lit. a) GDPR.

(2) This is permitted by law and is necessary for the fulfilment of a contractual relationship with you or the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b) GDPR.

(3) There is a legal obligation for the disclosure pursuant to Art. 6 para. 1 lit. c) GDPR.

(4) we are legally obliged to transfer data to state authorities, e.g. tax authorities, social insurance institutions, health insurance funds, supervisory authorities and law enforcement authorities.

(5) The disclosure pursuant to Art. 6 para. 1 lit. f) GDPR is necessary for the protection of legitimate company interests, as well as for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.

§ 7 FUR­THER FUNC­TIONS AND OF­FERS OF OUR WEB­SITE

(1) Besides the purely informative use of our website we offer various services, which you may use in case of interest. For this purpose you must, as a rule, enter further data, which we use to provide the respective service and for which, the previously stated principles regarding data processing apply.

(2) We partly use external service providers for the processing of your data. These were selected carefully by us and commissioned, are bound to our instructions and are controlled regularly.

(3) Insofar as our service providers or partners have their registered seat in a state outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.

§ 8 NEWSLETTER

(1) With your consent you can subscribe to our newsletter, with which we inform you about our current offers. The advertised services are named in the declaration of consent to the receipt of a newsletter and given here as a summary once again:

We, m:con – mannheim:congress GmbH, are a company, which is among others specialised in the planning, the organisation and execution of events of all kinds, in particular of congresses (of a medical-scientific kind), (scientific) conferences, General Meetings, trade fairs, exhibitions, seminars, further training events as well as other commercial events. The events are carried out in the Congress Center Rosengarten Mannheim or other venues by us as organiser or supervised as a service provider for another organiser. The entire content of the declaration of consent, which is shown within the registration process for the newsletter-subscription, can be called here once again. Your consent is necessary, which we hereby request, for the sending of information to your email address.

(2) We use the so-called Double-opt-in-process for the registration to our newsletter. This means that we will send you an email to the stated email address after your registration, in which we request you for confirmation that you request the sending of the newsletter. Only after the confirmation of your registration will you receive the newsletter. In addition, we respectively store your used IP addresses and times of the registration and confirmation. The purpose of the procedure is to prove your registration and, if applicable, to be able to clarify a possible misuse of your personal data.

(3) The mandatory detail for the sending of the newsletter is solely your email address. The entry of further, separately marked data is voluntary and is used in order to be able to address you personally. After your confirmation we store your email address for the purpose of sending the newsletter. The legal basis is Art. 6 Para. 1 S. 1 lit. a GDPR.

(4) Pursuant to Art. 7 Para. 3 GDPR you can revoke your consent to the sending of the newsletter at all times with effect for the future and cancel the newsletter. You can declare the revocation by email simply by clicking on the link provided in each newsletter email.

(5) We would like to point out to you that we evaluate your user behaviour with the despatch of the newsletter. For this evaluation the sent emails include so-called web beacons or tracking pixel, which present one-pixel-image files that are stored on our website.

Data are exclusively collected pseudonymised, the IDs are therefore not linked with your further personal data, a direct ability for reference to a person is excluded.

(6) For the sending of our newsletter we use the Newsletter-Tool of the DIN ISO/IEC 27001-certified company CleverReach. We create and manage the newsletter herewith. The necessary data of the newsletter recipient are made available in this respect web-based on a server of CleverReach. Merely we, as the data controller, have access hereto. The cooperation between us and CleverReach is carried out on the basis of a contractual agreement. The General Business Terms and Conditions of CleverReach can be called under www.cleverreach.com/de/agb/.  The handling of the data conform to data protection is ensured therein under the section data protection as well as under https://www.cleverreach.com/de/datensicherheit/ .

(7) The Newsletter-Tool analyses the range of the newsletter. With the sending of your data in our newsletter form, you declare that you agree with the data processing by CleverReach to the extent that can be seen. The following cookies are used hereby:

§ 9 ON­LINE JOB AP­P­LI­CA­TI­ONS AND PU­BLI­CA­TI­ON OF JOB AD­VER­TI­SE­MENTS

We offer you the possibility to apply for vacancies in our company by email or by post. With these applications your applicant and application data are collected electronically and processed by us for the processing of the application procedure. The legal basis for this is Section 26 Para. 1 S. 1 German Federal Data Protection Act [Bundesdatenschutzgesetz – BDSG] in conjunction with Art. 88 Para. 1 GDPR.

Insofar as an employment contract is concluded after the application procedure data processing will be carried out for the purpose of the employment relationship. We store the data you submit with your application for the purpose of the usual organisational and administrative process. The legal basis for this processing is also Section 26 Para. 1 S. 1 BDSG in conjunction with Art. 88 Para. 1 GDPR.

If an application is rejected we shall erase the data transmitted to us automatically three months after the announcement of the rejection. The erasure will, however, not be carried out if the data require a longer storage of up to four months or until the conclusion of court proceedings owing to statutory provisions, for example owing to the evidentiary obligations according to the German General Act on Equal Treatment [Allgemeines Gleichbehandlungsgesetz – AGG]. The legal basis in this case is Art. 6 Para. 1 lit. f GDPR and Section 24 Para. 1 No. 2 BDSG. Our legitimate interest lies in the defence or assertion of rights.

Insofar as you explicitly consent to a longer storage of your data, for example for your inclusion in a candidate or interested party database, the data will continue to be processed owing to your consent. The legal basis is then Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at all times according to Art. 7 Para. 3 GDPR by a declaration towards us with effect for the future.

§ 8 SOCIAL-MEDIA-CHANNELS

(1) In order to advertise our and services as well as for the communication with interested parties and customers, we operate corporate profiles on various social media platforms, to which we provide links.

(2)When you visit our website principally no personal data are forwarded to the respective operator of the social media platform.

(3) A forwarding of personal data through your visit to the website to the operator of the respective social media platform will only be carried out if you are already logged into the platforms. 

(4) We neither have any influence on the collected data and data processing activities, nor are we aware of the full extent of the data collection, the purposes of the processing or the storage deadlines. Neither is any information available to us regarding the erasure of the collected data by the plugin provider.

(5) The respective platform operator stores the data collected in relation to you as usage profiles and uses these, if applicable, for the purpose of advertising, market research and/or to design its platform suitable for the needs. Such an evaluation is in particular carried out (also for users who are not logged in) in order to present advertising suitable for the needs and to inform other users of the social network about your activities on our website. You are entitled to a right to object to the formation of these user profiles, whereby you must contact the respective operator of the platform in order to exercise this right. Via the social media button we offer you the possibility to interact with the social networks and other users so that we can improve our offer and design it more interesting for you as a user. The legal basis for the use of the plugins is Art. 6 Para. 1 S. 1 lit. a GDPR.

(6) We hereby use the following social media channels for the website www.mcon-mannheim.de

a. YouTube

i. In order to advertise our services as well as for the communication with interested parties and customers we use the internet video portal of YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC, is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Youtube).    

ii. We have no influence on the type and manner of the data processing by Youtube. Youtube is responsible for the data processing in connection with the use of the Youtube channel. The use of the functions of Youtube is carried out at the user’s own responsibility. This shall in particular apply to the use of the interactive functions (e.g. share, assess, submission of comments). Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 is responsible for persons living outside of the United States. You can refer to the privacy statement of Youtube with regard to what extent data are processed by Youtube, cf. https://policies.google.com/privacy?hl=de&gl=de

iii. We do not collect any data via our Youtube channel. The data entered by you with Youtube, in particular your user name and the contents published under your account, are merely processed by us to the extent that we, if applicable, share your comments or reply to these or also write comments ourselves, which refer to your account. The data published and distributed freely by you on Youtube are thus included by us and made accessible to its followers.

iv. Transmission to third parties or to a third country
We would like to point out that there is the possibility that data of the users are processed outside of the European Union, in particular in the USA. This can lead to increased risks for the users to the extent that e.g. the later access to the user data can be made more difficult. Neither do we have any access to these user data. The access possibility lies exclusively with Youtube. Youtube has submitted itself to the EU-US Privacy Framework, https://www.privacyshield.gov/EU-US-Framework

v. The legal basis for the processing of personal data carried out hereby and depicted below is Art. 6 Para. 1 lit. f GDPR.

vi. You can find further information under the data protection notices of Youtube under https://policies.google.com/privacy?hl=de&gl=de.
 

c. Facebook

i. For the advertising of our services as well as for the communication with interested parties and customers we operate a company presence on the Facebook platform.

ii. On this social media platform we are jointly responsible with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, (hereinafter: Facebook).    
The data protection officer of Facebook can be contacted via a contact form, https://www.facebook.com/help/contact/540977946302970 .
We as (co-)data controller of the Fan-Pages with Facebook have concluded an agreement with regard to the respective obligations within the meaning of the GDPR.  
This agreement, from which the reciprocal obligations can be derived, can be called under the following link https://www.facebook.com/legal/terms/page_controller_addendum.

It principally applies:

  • Facebook and we as the site administrator are co-data controllers and have concluded a joint agreement , in which our respective obligations under the GDPR are regulated.
  • Facebook is primarily responsible for making information available to the user about the joint processing and enabling him to exercise his rights to which he is entitled pursuant to the GDPR. Pursuant to the GDPR the user has the right to information , rectification, portability  and erasure of his data as well as to object to the processing of his data and to limitation of the processing. In the Facebook-settings the user can find out more about these rights.
  • the Irish data protection commission exercises the supervision over Facebook.  The user has the right to lodge a complaint at the Irish data protection commission (see https://www.dataprotection.ie/) or at a local supervisory authority.

iii. When you visit our Facebook fan page  Facebook processes personal data from you.
A part of these data is made available to us via the so-called “Insights” (user statistics) in an aggregated form by Facebook. For this purpose Facebook stores a cookie on the user’s terminal device. 

We exclusively receive the user statistics in an anonymised form. We have no access to or insight into the respective underlying data.

iv. Facebook in particular uses the data collected within the scope of the fan page visit in order to distribute individualised advertising via its network. For more detailed information in this respect please refer to: https://www.facebook.com/policies/. We use the gained information in order to optimise our offer on Facebook. Based on the entered information we also receive demographic and geographical evaluations from Facebook, which we use specifically in order to place interest-based advertisements, however without receiving direct knowledge of the identity of a visitor. If a user uses Facebook on several technical devices the entry and evaluation can also be carried out cross-device if it concerns registered visitors who are respectively registered in their own profile.

v. The legal basis for the processing of personal data carried out hereby and depicted below is Art. 6 Para. 1 lit. f GDPR. When our online presence is called on the Facebook platform data of the user are processed by Facebook Ireland Ltd. as operator of the platform within the EU.

These data of the user serve for statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses these data for market research and advertising purposes as well as for the creation of profiles of the users. Based on these profiles it is, for example, possible for Facebook Ireland Ltd. to provide the users interest-related advertising within and outside of Facebook. If the user is logged into his account on Facebook at the time of the call Facebook Ireland Ltd. can moreover link the data with the respective user account. 

In the event of a contact of the user via Facebook the personal data of the user entered during this opportunity will be used in order to process the request. The data of the user will be erased in our company insofar as the user’s request has been finally answered and this is not opposed by any statutory storage obligations, such as e.g. with a subsequent contract processing.

Cookies are, if applicable, also used for the processing of the data by Facebook Ireland Ltd. Should the user not agree with this processing then there is the possibility to prevent the installation of the cookies by a corresponding setting of the browser. Already stored cookies can also be erased at all times. The settings in this respect depend on the respective browser. Should the user prevent or restrict the installation of the cookies, this can lead to the fact that not all functions can be used by Facebook in full.
More detailed information regarding the processing activities, their prevention and the erasure of the data processed by Facebook can be found in the data policy of https://www.facebook.com/policy.php.

It is not excluded that the processing by Facebook Ireland Ltd. is also carried out via Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025 in the USA. Facebook Inc. has submitted itself to the EU-US Privacy Framework and hereby declares the compliance with the data protection stipulations of the EU when processing the data in the USA.

vi. Further information pertaining to the data collection: 

d. Instagram

i. For the advertising of our services as well as for the communication with interested parties and customers we operate a company presence on the Instagram platform. Instagram is part of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (hereinafter: Instagram)

ii. The European Court of Justice (ECJ) decided with the judgement of 05.06.2018 (File no.: C-210/16) that the operator of a Facebook fan page is jointly responsible with Facebook for the processing of personal data of the visitors of its site.As the Instagram Business Account in the scope of services and functionality is comparable with a Facebook fan page, the principles from the judgement can be applied to Instagram. 

iii. On this social media platform we are jointly responsible with Instagram. The data protection officer of Instagram can be contacted via a contact form, https://www.facebook.com/help/contact/540977946302970 .We as (co-)data controller of the fan pages have concluded an agreement with Instagram with regard to the respective obligations within the meaning of the GDPR.  This agreement, from which the reciprocal obligations can be derived, can be called under the following link https://www.facebook.com/legal/terms/page_controller_addendum.  

It principally applies:

  • Instagram and we as the site administrator are co-data controllers and have concluded a joint agreement , in which our respective obligations under the GDPR are regulated.
  • Instagram is primarily responsible for making information available to the user about the joint processing and enabling him to exercise his rights to which he is entitled pursuant to the GDPR. Pursuant to the GDPR the user has the right to information, rectification, portability and erasure of his data as well as to object to the processing of his data and to limitation of the processing. In the Facebook-settings the user can find out more about these rights.
  • the supervision over Instagram is exercised by the Irish data protection commission.  The user has the right to lodge a complaint at the Irish data protection commission (see https://www.dataprotection.ie/) or at a local supervisory authority.

iv. If you visit our Instagram fan page Instagram processes personal data from you. A part of these data is made available to us via the so-called “Insights” (user statistics) in an aggregated form by Instagram. For this purpose Instagram stores a cookie on the terminal device of the user. We exclusively receive the user statistics in an anonymised form. We have no access to or insight into the respective underlying data.

v. Instagram in particular uses the data collected within the scope of a visit to the fan page in order to distribute individualised advertising via its network. You can find out more detailed information relating to the here: https://www.facebook.com/policies/cookies/ or https://help.instagram.com/519522125107875. We use the gained information in order to optimise our offer on Facebook.

Based on the entered information we also receive from Instagram demographic and geographical evaluations, which we use specifically in order to place interest-based advertisements, however without gained direct knowledge of the identity of a visitor. If a user uses Facebook on several technical devices the entry and evaluation can also be carried out cross-device if it concerns registered visitors who are respectively registered in their own profile.

​​​​​​​vi. The legal basis for the processing of personal data carried out hereby and depicted below is Art. 6 Para. 1 lit. f GDPR. 

These data of the user serve as statistical information about the use of our company presence on Instagram. Instagram uses these data for market research and advertising purposes as well as for creating profiles of the users. Based on these profiles it is, for example, possible for Instagram to provide interest-related advertising for the users within and outside of Instagram. If the user is logged into his account on Facebook at the time of the call Instagram can moreover link the data with the respective user account.        

In the event of a contact of the user via Instagram the personal data of the user entered during this opportunity will be used for processing the request. The data of the user will be erased in our company insofar as the request of the user has been finally answered and this is not opposed by any statutory storage obligations, such as e.g. with a subsequent contract processing.

Cookies are also, if applicable, used by Instagram for processing the data. Should the user not agree with this processing there is the possibility to prevent the installation of the cookies by a corresponding setting of the browser. Already stored cookies can also be erased at all times. The settings in this respect depend on the respective browser. Should the user prevent or restrict the installation of the cookies, this can lead to the fact that not all functions can be used by Instagram in full.

More detailed information regarding the processing activities, their prevention and the erasure of the data processed by Facebook can be found in the data policy of https://www.facebook.com/policy.php.

It is not excluded that the processing by Instagram is also carried out through parent companies in the USA, Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025. The parent company has submitted itself to the EU-US Privacy Framework and declares hereby the compliance with the data protection stipulations of the EU with the processing of the data in the USA.

​​​​​​​vii. Further information pertaining to the data collection: 

e. XING

i. For the advertising of our products and services as well as for the communication with interested parties and customers we operate a company presence on the XING platform.

ii. The European Court of Justice (ECJ) decided with the judgement of 05.06.2018 (File no.: C-210/16) that the operator of a Facebook fan page is jointly responsible with Facebook for the processing of personal data of the visitors of its site. As the XING account in the scope of services and functionality is comparable with a Facebook fan page, the principles from the judgement can be applied to XING. 

iii. On this platform we are jointly responsible with New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany, Tel.: +49 40 419 131-0, Fax: +49 40 419 131-11, email: info@xing.com for our company fan page.

The data protection officer of XING can be contacted via email: Datenschutzbeauftragter@xing.com or by post under Dammtorstraße 30, 20354 Hamburg, Germany.

We have as (co-)data controller of our company channel concluded an agreement with Facebook with regard to the respective obligations within the meaning of the GDPR. 

It principally applies:

  • XING and we as the site administrator are co-data controllers.
  • XING is primarily responsible for making information available to the user about the joint processing and enabling him to exercise the rights to which he is entitled pursuant to the GDPR. Pursuant to the GDPR the user has the right to information, rectification, portability and erasure of his data as well as to object to the processing of his data and to limitation of the processing. In the LinkedIn settings the user can find out more about these rights.
  • the supervision over XING is exercised by the Hamburg officer for data protection and freedom of information, Ludwig-Erhard-Str 22, 7th floor., 20459, Tel.: +49 (0)40 428 54 4040, Fax: +49 (0)40 / 428 54 – 4000, email: mailbox@datenschutz.hamburg.de.

iv. When you visit our XING page XING processes personal data from you. A part of these data is made available to us via the so-called “XING” (user statistics) in an aggregated form by XING. For this purpose XING stores a cookie on the terminal device of the user.  We exclusively receive the user statistics in an anonymised form. We have no access to or insight into the respective underlying data.

​​​​​​​v. The data collected within the scope of XING are in particular used by XING in order to distribute individualised advertising via its network. You can find more detailed information pertaining to the here: https://privacy.xing.com/de/datenschutzerklaerung/druckversion

​​​​​​​vi. Cookies are, if applicable, also used by XING for the processing of the data , cf. also here https://privacy.xing.com/de/datenschutzerklaerung/druckversion 

f. Linked-In

 i. For the advertising of our products and services as well as for the communication with interested parties and customers we operate a company presence on the LinkedIn platform.

ii. The European Court of Justice (ECJ) decided with the judgement of 05.06.2018 (File no.: C-210/16) that the operator of a Facebook fan page is jointly responsible with Facebook for the processing of personal data of the visitors of its site.

As the LinkedIn account in the scope of services and functionality is comparable with a Facebook fan page, the principles from the judgement can be applied to LinkedIn. 

iii. On this platform we are jointly responsible with LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.  The data protection officer of LinkedIn can be reached via a contact form, https://www.linkedin.com/help/linkedin/ask/TSO-DPO. We have as (co-)data controller of the fan pages concluded an agreement with Facebook with regard to the respective obligations within the meaning of the GDPR. This agreement, from which the reciprocal obligations can be derived, can be called under the following link https://www.linkedin.com/legal/l/dpa. The supplementary agreement for the regulation of the joint responsibility can be called here: https://legal.linkedin.com/pages-joint-controller-addendum.  

It principally applies:

  • LinkedIn and we as site administrator are co-data controllers.
  • LinkedIn is primarily responsible making information available to the user about the joint processing and to enable him to exercise the rights to which he is entitled pursuant to the GDPR. Pursuant to the GDPR the user has the right to information, rectification, portability and erasure of his data as well as to object to the processing of his data and to limitation of the processing. In the LinkedIn settings the user can find out more about these rights.
  • the supervision over LinkedIn is exercised by the Irish data protection commission.  The user has the right to lodge a complaint at the Irish data protection commission (see https://www.dataprotection.ie/) or at a local supervisory authority.

iv. When you visit our LinkedIn page LinkedIn processes personal data from you. Part of these data are made available to us via Linked in (user statistics) in an aggregated form by LinkedIn. For this purpose LinkedIn stores a cookie on the terminal device of the user. We exclusively receive the user statistics in an anonymised form. We have no access to or insight into the respective underlying data.

​​​​​​​v. LinkedIn particularly uses the data collected within the scope of the LinkedIn page in order distribute individualised advertising via its network.

We use the gained information in order to optimise our offer on LinkedIn.

Based on the entered information we also receive demographic and geographical evaluations from LinkedIn, which we use specifically in order to place interest-based advertisements without however directly gaining knowledge of the identity of a visitor. If a user uses Facebook on several technical devices the entry and evaluation can also be carried out cross-device if it concerns registered visitors who are respectively registered in their own profile.

​​​​​​​vi. The legal basis for the processing of personal data carried out hereby and depicted below is Art. 6 Para. 1 lit. f GDPR, which we request within the scope of the Cookie-Consent request. 

These data of the user serve for statistical information about the use of our company presence on LinkedIn. LinkedIn uses these data for market research and advertising purposes as well as for creating profiles of the users. Based on these profiles it is, for example, possible for LinkedIn to provide interest-related advertising to the users within and outside of LinkedIn. If the user is logged into his account on LinkedIn at the time of the call LinkedIn can moreover link the data with the respective user account.          

In the event of a contact of the user via LinkedIn the personal data of the user that are entered during this opportunity will be used for processing the request. The data of the user will be erased in our company insofar as the request of the user has been finally answered and this is not opposed by any statutory storage obligations, such as e.g. with a subsequent contract processing.

Cookies are, if applicable, also used by LinkedIn for processing the data Cookies, cf. also here https://www.linkedin.com/legal/cookie-policy.

It is not excluded that the processing by LinkedIn is also carried out through the LinkedIn Corporation 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

in the USA. Facebook Inc. has submitted itself to the EU-US Privacy Framework and declares hereby the compliance with the data protection stipulations of the EU when processing the data in the USA.

vii. You can find more detailed information pertaining to the here: https://www.linkedin.com/legal/privacy-policy?_l=de_DE  or  https://youtu.be/ulYtJzlI-Wg 

§ 11 MATOMO

We use Matomo to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offering and make it more interesting for you as a user. The Matomo cloud service is hosted by InnoCraft. This service is provided by AWS New Zealand and all data is hosted in Europe.

The legal basis for the use of Matomo is Art. 6 para. 1 sentence 1 lit. f GDPR.

Matomo will use information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.

Further information can be found here: https://matomo.org/matomo-cloud-privacy-policy/

§ 12 SMART MOBILITY MAP

We use the smart mobility app to improve our services. The controller within the meaning of the General Data Protection Regulation and other data protection regulations is: raumobil GmbH Auer Str. 19 76227 Karlsruhe. Upon request, raumobil GmbH will provide you with information about the personal data stored about you free of charge and without delay. To do so, please write to the above address or send an email to: datenschutz@raumobil.com

The smart mobility map is based on the map service of Mapbox, Inc, 740 15th Street NW, 5 th Floor, Washington DC 20005, USA. When you visit our website, it is necessary to transmit your IP address and the content shown under “Log files” to the third-party provider in order to make the content available and display it in your browser. This serves to ensure an appealing presentation of our website. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f GDPR. We have no influence on data processing by the third-party provider. If you are logged into a user account with the third-party provider, the third-party provider can assign your user behaviour to your user account. The third-party provider may store your data as a user profile and use it for the purposes of advertising, market research and/or customising its website.You must address any objections to the creation of these user profiles to the third-party provider. In order to offer you the greatest possible convenience when planning your excursion, you have the option of granting access to the location. Access to the location is voluntary and is not a prerequisite for using the website. This function is deactivated by default and is only enabled with your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR by granting access to the location. You can revoke this access option via the settings in your browser. Further information on the purpose and scope of data collection and its processing by the third-party provider can be found in their privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.mapbox.com/legal/privacy

§ 12 SECURITY CERTIFICATES

This website, including its subpages, uses an encrypted transmission in order to ensure security with the transmission of personal data. The encrypted transmission is carried out on the basis of the certificate:

Name: GeoTrust TLS RSA CA G1

Organisation: DigiCert Inc

§ 13 OB­JEC­TION TO OR RE­VO­CA­TI­ON OF THE PRO­CES­SING OF YOUR DATA

(1) If you have granted a consent to the processing of your data you can revoke this at all times for the future. Such a revocation influences the admissibility of the processing of your personal data after you have announced this to us.

(2) Insofar as we support the processing of your personal data on the weighing up of interests you can file an objection against the processing. This is the case if the processing is not necessary in particular for the fulfilment of a contract with you, which was described by us in the description of the functions. When exercising such an objection we request presentation of the reasons, which is why we should not process your personal data as carried out by us. In the event of your justified objection we will examine the factual position and will either discontinue or adjust the data processing or will present our essential reasons to you that are worthy of protection, based on which we continue the processing.

(3) Furthermore, you have the following rights vis-à-vis us with regard to your personal data:

  • Right to information
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to data portability

(3) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

[Version April 2024]